System Providing Self-Service Access to Locked Merchandise

ABSTRACT

A system providing self-service access to locked merchandise comprising: (a) providing a fixture that restricts access to the locked merchandise, wherein the fixture can automatically lock or unlock, allowing or restricting access to the locked merchandise; (b) providing a means of uniquely identifying an individual attempting to access the merchandise; (c) measuring a set of behaviors of the individual during any time the fixture is an open mode; (d) assessing whether the set of behaviors of the individual are suspicious or not relative to a set of suspicious event thresholds; (e) storing the individual and their set of behaviors as accessible records in at least one database; and (f) providing an algorithm which determines future access privileges of the individual to the enclosure based on a set of variables.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a Continuation-In-Part of U.S. application Ser. No.17/737,404 filed May 5, 2022, which is a Continuation of U.S.application Ser. No. 17/197,951 filed Mar. 10, 2021, now U.S. Pat. No.11,216,827, which is a Continuation of U.S. application Ser. No.16/940,168 filed Jul. 27, 2020, now U.S. Pat. No. 11,182,803, whichclaims the benefit of priority from U.S. Provisional Patent ApplicationNo. 62/878,747 filed Jul. 26, 2019, the entire contents of which areherein incorporated by reference.

BACKGROUND OF THE INVENTION

There is a universal paradox in retail stores, the better you protectyour merchandise from theft, the greater the impact this protection hason product sales. In their effort to reduce theft of merchandise,retailers place restrictions on access to merchandise, impacting thevast majority of legitimate shoppers. The typical outcome is retailersinconvenience 99% of legitimate shoppers to stop theft from the 1% whocome into their stores to steal. For example, a common method ofreducing theft in a retail environment is to secure high-valuemerchandise by locking it up in a cabinet or other limited accessmerchandise fixture that makes it difficult for legitimate shoppers toaccess the product. To complete a purchase, the shopper must locate astore associate to unlock the fixture, gain access to the merchandise,and ultimately purchase the desired item(s). This process is not onlycostly and labor intensive for retailers, but it's time consuming,frustrating, and inconvenient, for the shopper, which nearly alwaysleads to a horrible customer experience. This locked fixture approachhas existed for year, virtually unchanged, and remains a significantproblem for retailers. The primary goal of this invention is tomodernize this outdated approach and to provide retailers with a meansof protecting merchandise from theft, while creating virtually openaccess to this high value merchandise by legitimate shoppers, arguablyproviding retailers with the best of both worlds.

The recent trend of people willing to trade privacy for convenience isadvantageous to the invention. More and more people willinglysurrendering personal information to more easily access their phones,ATM's, board airplanes and other services. This invention capitalizes onthis trend by requiring shoppers to provide personal identifyinginformation in exchange for the convenience of unfettered access tomerchandise. A typical example would be a shopper desiring to purchasehigh-value merchandise secured inside a locked liquor cabinet. Withoutthis invention, the shopper would have to track down a store associatewho has to locate the key to open the cabinet and access the goods. Thiscumbersome, time consuming, and inconvenient process typically resultsin a loss of 25% to 50% of sales; all this to thwart theft from 1% ofthe shoppers. Using this invention, a shopper approaching the samelocked liquor cabinet is identified by some means, such as facialrecognition, the use of the retailer's app or some form of customerloyalty information, and the cabinet automatically unlocks. So long asthis same shopper doesn't exhibit suspicious behavior, as described inthis disclosure, the cabinet automatically opens each time this shopperreturns.

While locking or otherwise securing merchandise reduces or eveneliminates theft, it also suppresses legitimate sales due to theinconvenience of or even inability of the shopper to obtain requiredassistance when and where needed. This inconvenience causes asignificant percentage of shoppers to abandon the purchase. The value ofthese lost sales often exceeds the savings realized by preventing theft.Even worse, shoppers significantly inconvenienced in a store oftenadversely impacts loyalty (i.e., a regular shopper may choose to switchto a competitive store for future shopping trips), representing a farlarger loss than the missed sale of the protected item.

Given this tension between theft and sales losses, retailers oftenchoose sales preservation over loss prevention. It is simply morefinancially advantageous to suffer theft losses rather than sales lossescaused by securing theft-prone merchandise. This invention fundamentallyeliminates this tension. It allows product protection from theft evenwhile enabling free access to merchandise by trusted customers. Inshort, retailers no longer have to choose between protecting productsfrom theft and reducing sales. Instead, legitimate shoppers are providedready access to protected merchandise while such automatic access isdenied to individuals deemed “untrusted” by the retailer. Theself-service system described in this invention enables retailers toimplement effective loss prevention measures which no longer adverselyimpacts merchandise sales or the shopping experience. Further, theinvention supports loss prevention measures that mitigate bothopportunistic shoplifting (typically an individual stealing an item) aswell as multi-item sweeps (theft of many items at the same time)typically committed by booster teams as part of large-scale organizedretail crime operations.

While the above antitheft scenario inspired the invention, it can alsobe used advantageously in other situations in which identifiedindividuals that exhibit desired behaviors are rewarded with unfetteredaccess to merchandise or other privileges.

In addition to the sales recovery and customer experience advantagesprovided by the invention, there are significant labor savings achievedby allowing customers to self-service locked merchandise. A typicaltransaction requiring a store associate to respond to a customer requestto unlock a case can require up to 10 minutes of “task interruption”time for the store associate. From responding to the customer, locatingthe key, unlocking the cabinet and allowing the customer to shop thecase, and then returning to tasking, this often takes 10 minutes. 10minutes of store associate time is equivalent to ˜$2.50. This cost alongwith the lost productivity can easily eliminate any profit frommerchandise sold in the locked fixture.

Finally, lost keys and re-keying of locked cases is a real problem inretail. Employees misplace keys, they bring them home after their shift,and the mechanism eventually wears out. This not only causes lost salesdue to then inability to access the merchandise, but the cost ofre-keying fixtures is significant.

SUMMARY OF THE INVENTION

The present invention provides for a system providing self-serviceaccess to locked merchandise comprising: (a) providing a fixture thatrestricts access to the locked merchandise, wherein the fixture canautomatically lock or unlock, allowing or restricting access to thelocked merchandise; (b) providing a means of uniquely identifying anindividual attempting to access the merchandise; (c) measuring a set ofbehaviors of the individual during any time the fixture is an open mode;(d) assessing whether the set of behaviors of the individual aresuspicious or not relative to a set of suspicious event thresholds; (e)storing the individual and their set of behaviors as accessible recordsin at least one database; and (f) providing an algorithm whichdetermines future access privileges of the individual to the enclosurebased on a set of variables. Preferably, the fixture admits or restrictsaccess based on a trusted shopper score assigned to the individual whencompared to a trusted shopper score threshold. Most preferably, thetrusted shopper score increases when the individual exhibits normalbehaviors and the trusted shopper score decreases when the individualexhibits suspicious behaviors. Optionally, at least one database isselected from the group consisting of a customer, a VIP customer, aknown offender, a banned customer, a store associate, merchandisevendor, security personnel, and other. Preferably, the system assignsthe individual's behavior as either normal or suspicious by comparingthe set of behaviors of the individuals relative to interactions withthe merchandise contained in the fixture or their interactions with thefixture itself against the set of suspicious event thresholds. Mostpreferably, the system is capable of deploying a set of real timedeterrents once a suspicious behavior threshold is crossed.

In another aspect, the means of uniquely identifying the individual isat least one selected from the group consisting of biometricidentification methods, RFID, NFC, bar codes, QR codes, user ID andPasswords, credit or bank cards, driver's licenses, smart phone App's,and cell phones. Alternatively, the fixture restricts access to themerchandise in the fixture through restricting access to the merchandiserelative to the individual until access is granted. Preferably, thesystem further comprises at least one sensor to track and monitor theset of behaviors from the individual.

In yet another aspect, the individual can be associated with aclassification of at least one selected from the group consisting of acustomer, a VIP customer, a known offender, a banned customer, a storeassociate, merchandise vendor, security personnel, and other.Preferably, the suspicious event threshold can be determined based onthe classification of the individual. Alternatively, individualsclassified as authorized store associates have suspicious event andtrusted shopper score thresholds set to allow stocking of the fixturewithout such behavior being classified a suspicious behavior.Preferably, if a request to open the fixture is made by certain highrisk classes of individuals, then the system will transmit a classspecific response comprising sending a unique identifier (UID) to astore associate. Optionally, a class of individual can be denied accessfor a specified period of time. Preferably, the suspicious behaviorthreshold can be automatically set based on a statistical analysis ofpast behaviors from a number of individuals. Alternatively, a localreal-time deterrent is deployed in real time when the suspicious eventthreshold is crossed. More preferably, the system will transmit a classspecific response comprising sending a unique identifier (UID) to astore associate if a request to open the fixture is made by certain highrisk classes of individuals. Optionally, a user of the system can enrollknown offenders, store associates, vendor personnel, and securitypersonnel into its individual classification database.

The primary purpose of the invention is to maximize sales whileminimizing theft. It also maximizes convenience and improves theshopping experience for the vast majority of legitimate shoppers whileselectively denying unsupervised merchandise access by likelyshoplifters. The invention intelligently enables and disables real timedeterrents based on a given shopper's past behaviors and othervariables. By uniquely identifying each shopper at a merchandise displayfixture and simultaneously observing and recording their behavior, theinvention can determine if future product access will be granted to thatshopper. Once a shopper exhibits suspicious behavior, anti-theft realtime deterrents are deployed during the event, and also duringsubsequent visits. For example, a legitimate shopper will be grantedfree access to a locked merchandise cabinet while an “untrusted”individual is denied unsupervised access. This is accomplished byuniquely identifying the person (though not necessarily “by name”) anddetermining if past behavior or other factors warrant granting thatperson access to the merchandise. Once access is granted, the inventionmay trigger local alarms or real time store personnel notification ifthe shopper exhibits suspicious behaviors resembling theft events inprogress. The invention draws upon several methods for uniquelyidentifying shoppers requesting access to protected merchandise, andseveral other methods for identifying behaviors deemed normal,undesirable, or suspicious. By coupling the elements of personalidentification, product movement sensing technologies, databasecorrelations, and algorithms, access to protected merchandise can beoptimally managed.

In certain configurations, the restricted access fixture may containmultiple locked fixtures which are coupled to a single customer facingUser Interface and or local controller. This centralized controllerprovides a single point of individual authentication and facilitatesaccess to the all the associated locked fixtures. Using one method ofaccessing the multitude of locked cases, the central authenticationcontroller would authenticate the individual requesting access to thelocked fixtures as a trusted shopper, once authenticated, all lockedfixtures coupled to that controller would open. Once the shopper opensone of the coupled fixtures, the other locked fixtures would re-lock. Inanother embodiment, the user can select a specific locked fixture of themultiple locked fixtures to access, and only that specific fixture wouldbe opened. For all these multi-locked fixtures use cases, the normalauthentication processes, suspicious event detection processes,deterrent activations, employee notifications etc. which are utilized ina single locked fixture configuration would be utilized in thismulti-case configuration.

It should be noted that the self-service authentication methods used toaccess to locked merchandise practiced by this invention are optionaland are accessed on an “opt-in basis”. Any customer who is uncomfortableutilizing these identification and authentication methodologies or isuncomfortable trading personal identifying information in exchange forself service access to locked merchandise may simply summon a storeassociate through the system and the store associate can provide accessto the locked merchandise.

Self-Checkout Application & Use of Trusted Shopper Score

This invention has other applications where past behaviors can bemonitored to grant or deny privileges in the future. Since the inventioncorrelates uniquely identified individuals with merchandise interactionbehaviors, it can also be utilized at other applications such as fixedself-checkout stations as well as self-checkout via the shopper's mobiledevices (mobile checkout) to identify “trusted shoppers” who haveexhibited repeated good behaviors as well as “untrusted shoppers” whohave exhibited suspicious behaviors in the past. As used herein, theterms “fixed self-checkout” and “mobile checkout” are usedinterchangeably and are referred to collectively as “self-checkout.” Forthe self-checkout or mobile checkout embodiments of this invention, theshopper would follow a very similar process as when they access thelocked case embodiment to access the self-checkout. In effect, theywould be trading personal identifying information in order to gain aprivilege or convenience such as access to locked merchandise or accessto a self-checkout.

-   1) The shopper would opt-into the self-service checkout or they    could opt out and presumably receive an assisted self-checkout.-   2) After opting in, the shopper would provide some form of personal    identifying information to gain access to the self-checkout.-   3) The system would use their personal identifying information to    look up their trusted shopper score (assuming they are not a    first-time user).-   4) First time users are granted access to establish their trusted    shopper score.-   5) If the shopper is above the trusted shopper score threshold, they    are granted access to the self-checkout.-   6) If the shopper is below the trusted shopper score threshold, they    would be denied access and optionally, a store associate would be    notified to assist the customer in checking out.-   7) While the shopper is performing the self-checkout by scanning    merchandise, one or more sensors are monitoring their behavior.    These behaviors can include the following: The number of total    interactions with the system, the number of interactions which are    deemed suspicious, the number of interactions deemed to be    non-suspicious, items moved through the scanning area but not    scanned and then placed in the bagging area, items not moved through    the scanning area and not scanned, scanning items with a price from    a lower cost item, scanning an item and then placing a different    item of the same weight in the bagging area, scanning all items but    then not completing payment, walking through the self-checkout area    without stopping at a scanning station, purposefully not scanning an    item using their cell phone in a mobile self-checkout scenario, plus    several other fraudulent behaviors designed to either pay a lower    price or outright steal the items by not paying.-   8) The system stores shopper behaviors in a database for each use of    the self-checkout.-   9) Statistical models are employed against historical shopper    behaviors to establish the threshold between normal and suspicious    self-checkout behaviors. Often times, a mis-scanned item is not    malicious or intended to commit fraud, it may simply be user error.    In this case, users are allowed to miss a scan, as long as they    correct it once notified of the error in scanning. These behaviors    may be deemed suspicious; however, they may not affect your trusted    shopper score or may have a minimal effect since many self-checkout    customers commit these errors.-   10) If a shopper exhibits behaviors that exceed the suspicious    behavior threshold, that transaction is deemed suspicious and stored    in the database.-   11) An algorithm is utilized to analyze individual shopper's    historical self-checkout behaviors to create a trusted shopper    score.-   12) An individual's historical self-checkout behaviors are compared    to other shopper's behaviors and using the algorithm, their trusted    shopper score is calculated.-   13) An individual's trusted shopper score is negatively impacted    when the shopper creates a suspicious event by exceeding the    suspicious event threshold and positively impacted by exhibiting    normal self-checkout behaviors.

In this embodiment, the present invention provides for a system forenabling trusted shoppers to access self-checkout while restrictingnon-trusted shoppers in a retail environment, comprising:

-   (a) providing a means of uniquely identifying an individual    attempting to access the self-checkout;-   (b) providing one or more sensors for identifying self-checkout    behaviors;-   (c) measuring a set of behaviors of the individual during a time    when the individual is in proximity of or interacting with the    self-checkout;-   (d) assessing whether the set of behaviors of the individual are    suspicious or not relative to a set of suspicious event thresholds;-   (e) storing the individual and their set of behaviors as accessible    records in at least one database; and-   (f) providing an algorithm which determines future access privileges    of the individual to the self-checkout by analyzing their historical    behaviors. Optionally, the set of behaviors measured is at least one    selected from the group consisting of items not passed over the    self-checkout price scanner, items not scanned but passed over the    scanner, items scanned but the price and or barcode does not match    the merchandise scanned, scanning all items but then not paying,    being shown a scanning error and not correcting the error, scanning    a low cost item and placing a higher cost item in the bagging area,    the number of total transactions, the number of suspicious events,    the number of non-suspicious events, having items in your cart which    were not scanned via mobile checkout, and any other behavior    intended to fraudulently receive merchandise without paying or    without paying the actual price of the merchandise. Preferably, the    set of behaviors from each self-checkout interaction event comprises    shopper behavior data and is stored in the at least one database.    Most preferably, statistical models are applied to the shopper    behavior data to calculate the set of suspicious event thresholds    that delineate normal shopping behaviors from suspicious shopping    behaviors. Alternatively, statistical models are applied to an    individual shopper's behavior data to create a trusted shopper score    for the individual shopper. More preferably, historical shopper    behavior data is used to establish at least one threshold for the    trusted shopper score. Optionally, other shopper data unrelated to    the shopper behavior data can be included in the calculation of the    trusted shopper score. Similarly, the other shopper data unrelated    to the shopper behavior data comprises at least one selected from    the group consisting of historical purchase behaviors, return fraud    behaviors, prior-theft incidence, police reports, credit scores,    case management systems, and other data related to the shopper    purchases or theft behaviors. These thresholds can also be set    manually. Most preferably, shoppers whose trusted shopper score    crosses the at least one threshold of the trusted shopper score    would affect their access privileges to the self-checkout. In    another aspect, the set of suspicious event thresholds are    periodically updated by the statistical models as additional shopper    behavior data is collected by the system. Preferably, at least one    sensitivity variable is used to adjust the calculation of the set of    suspicious event thresholds. In yet another aspect, the at least one    sensitivity variable corresponds to a percentage of shoppers    estimated to be offenders or a database of risk factors associated    with a store.

This Trusted Shopper Score algorithm, whether used for the Locked Caseor the any other application of the TSS, can also utilize ArtificialIntelligence algorithms to identify “patterns of behaviors” within theindividual's historical behavior. Individual behaviors which aresuspicious in isolation are not necessarily enough to deteriorate a TSSbelow the threshold. However, a pattern of behaviors taken collectivelymay have a larger effect than taking each behavior individually. Thiseffect can be both affect the TSS positively or negatively. Examplesinclude shopper A who exhibit a number of non-suspicious behaviors andthen exhibits two or three suspicious behaviors followed bynon-suspicious behaviors would remain a trusted shopper. This patterncan be compared to shopper B who initially utilizes the system and theirfirst three transactions are suspicious, this shopper B's trustedshopper score may immediately deteriorate below the TSS thresholdwhereas shopper A's TSS may not be as impacted. As a result, thealgorithm utilizes artificial intelligence to recognize patterns withinan individual's behavior that affect their trusted shopper score eitherpositively or negatively.

Alternatively, shoppers who have been denied access to the self-checkoutdue to their trusted shopper score can get reinstated by providing atleast one selected from the group consisting of additional identifyinginformation, financial information, a deposit, and other form ofincreased security for the retailer or some form of financial guaranteefor the retailer.

Preferably, the method of uniquely identifying a shopper is at least oneselected from the group consisting of shopper loyalty card information,government issued ID, financial institution cards such as debit cards orcredit cards, cell phone numbers, cell phones carried by shoppers whichmay have local connectivity as a means of identification, a retailer'sApp which the shopper is logged into, biometric information such asfacial recognition, palm ID, finger print readers, or other forms ofbiometric identifiers, employee ID cards or employee numbers, or anyother form of personal identifying information.

In yet another aspect, the system further comprises a real timenotification or alarm feature if the set of behaviors of the individualare suspicious relative to the set of suspicious event thresholds.Preferably, the system comprises a means of recording a video or storingimages of the individual accessing the self-checkout, the merchandisescanned and the area surrounding the self-checkout before, during andafter the self-checkout transaction. In a more preferred aspect, thesystem further comprises a means of transmitting the video or image to adevice viewable by appropriate personnel, including the shopper.

Typical Operating Sequence

While reasonable variations of the operating sequence may be implementedper the detailed description, the following represents a typicaloperating sequence of the invention.

First, a person desiring access to the locked merchandise fixtureencounters a visual display adjacent to the locked fixture whichpresents the customer with two options, to either call an associate tounlock the fixture in the traditional way, or to use personalidentification to enable self-service access to the locked fixture. Thecustomer so indicates their choice by pressing a soft button on thetouch screen display.

If the customer selects the self-service option, they are then presenteda disclosure statement which provides “informed consent” for the systemto utilize personal information for the purpose of unlocking thefixture. If the shopper opts-in and chooses the self-service option, thesystem takes a “mug shot” of the individual as they are entering theirpersonal identifying information via the built-in camera. If the systemis using biometrics such as facial recognition to uniquely identify theshopper, a visual and/or audible message then instructs the user to lookdirectly at the camera typically located above the display. The displaypresents the customer with an image of the shopper from the embeddedcamera. The customer aligns their face with a box on the screen, thusproviding a perfect “mug shot” of the individual. The system thencompares the biometric information with a database of shoppers todetermine if this individual is a “trusted shopper” and will be allowedaccess to the locked case.

Once the customer is determined to be a trusted shopper, the lockreleases and the display indicates the fixture is open. The customeropens the case and removes the desired merchandise. The system countsthe units removed from the fixture while open, how long the case isopen, how many times the individual has accessed the case in variousperiods of time, and how often a shopper has accessed any system. Thecase then automatically locks once the fixture is closed utilizing theauto closing feature. The customer's personal identifying informationmerchandise removal, and other behaviors are data logged in the systemdatabase.

In the event the shopper exhibits a set of behaviors that exceeds aper-determined suspicious event threshold, the system can deploy localreal-time deterrents and/or notify store associates.

If the shopper is a known offender or is a shopper who has exhibitedrepeated suspicious behaviors in the past, they will be deniedself-service access to locked merchandise and the system notifies astore associate to open the locked fixture and provide “supervisedaccess” to the locked merchandise.

In the case of denial of self-service access, a store associate isnotified and once enrolled in the system, the store associate can usetheir own personal identifying information to unlock the case withoutthe need for keys.

There are multiple methodologies for achieving the operating sequencedescribed above and the detailed description that follows illustratesthe various methodologies and sensor which can be used to achieve thisoperational sequence.

BRIEF DESCRIPTION OF DRAWINGS

The novel features of this invention, as well as the invention itself,both as to its structure and its operation, will be best understood fromthe accompanying drawings, taken in conjunction with the accompanyingdescription, in which:

FIG. 1 illustrates an exemplary embodiment of a fixture with userinterface of the present invention;

FIG. 2 illustrates an alternative exemplary embodiment of a fixture withuser interface of the present invention;

FIG. 3 illustrates an alternative view of the fixture of FIG. 2 ;

FIG. 4 illustrates an alternative exemplary embodiment of a fixture withuser interface of the present invention;

FIG. 5 illustrates an exemplary user interface of the present invention;

FIG. 6 illustrates an alternative exemplary embodiment of a fixture withuser interface of the present invention;

FIG. 7 illustrates an alternative exemplary embodiment of a fixture withuser interface of the present invention; and

FIG. 8 illustrates an overview of the self-access system presentinvention.

DETAILED DESCRIPTION OF THE INVENTION

The invention is best understood by first gaining insight into the typesof sensors and devices which are coupled together to enable itsoperation. Keeping in mind that a specific attribute of the invention isthat is the operation of the invention is not dependent on any onespecific sensing or merchandise access restriction technology. Threecategories of sensors and devices are typically integrated to operatethe invention:

-   People identification sensors capable of uniquely identifying an    individual;-   Merchandise interaction (customer behaviors) sensors.-   Real-Time Deterrents Merchandise protection and suspicious behavior    notification devices;

Using the information and controllable access provided by these devicecategories, the invention determines if a given person is considered“trusted” and will be granted merchandise access. A more detaileddescription of each category follows.

Person Identification Sensors

The invention requires a method of uniquely and repeatedly identifyingeach person for which the invention is considering granting merchandiseaccess. As these sessions may occur on different days, at differentlocations within the store, and even at different stores theidentification method must remain accurate even when an individual wearsdifferent clothes, hair styles, etc. The invention also identifies storeassociates and allows them, once registered, access to merchandise forstocking purposes. The invention's core functionality does not requireidentifying the person “by name,” though some ancillary benefits,described later, may be realized with this functionality.

Any method of identification meeting the above requirements areacceptable. These include but are not limited to:

-   Facial recognition using video cameras;-   Other biometric methods, such as iris recognition, fingerprint    detection, or any other biometric detection that can uniquely    identify an individual;-   RFID, Bar Code, QR Code, and other methods integral to a card or    other device issued by the store (such as a loyalty card selectively    provided to customers by the store);-   Government issued ID cards such as a driver's license, passport or    trusted traveler card;-   Financial institution cards such as debit cards, credit cards or    other financial institution cards which can be a source of    identification.-   Cell phones carried by shoppers which may use local connectivity    (e.g., WiFi, Bluetooth and/or NFC) as a means of identification;-   Smart phones carried by shoppers that are logged in to the    retailer's app (the login considered adequate proof of    identification), using the onboard wallet which contains bank cards    or credit card information as a source of identification;-   Using onboard biometric identification capabilities on smart phones    carried by shoppers, then relaying this confirmation to the    invention via the retailer's App, by presenting the shopper's phone    screen (displaying a QR or similar code) to the invention's camera,    or via a text message; the transaction could be initiated on the    shopper's phone resulting in identification confirmation to the    invention or the shopper could scan a QR or similar code displayed    by the invention to automatically launch the identification process    and the installed retailer's App on the shopper's phone;-   Smart phones carried by shoppers accessing a web site that performs    biometric identification; this method does not require an installed    retailer's App on the shopper's phone and could be automatically    launched by scanning a QR or similar code at the fixture.-   Employee ID cards which contain an employee number which uniquely    identifies the employee. Employee access cards which could otherwise    be used to access the building;-   Any other device or method issued by the retailer which uniquely    identifies the individual

Location Confirmation of Identified Persons

Some methods of person identification inherently confirm the physicalpresence of the person at the locked fixture. For example, facialrecognition by a camera at the fixture. However, some identificationmethods described above using the shopper's smart phone do not providethis assurance, making it possible to intentionally or accidentallyunlock a fixture from a remote location, which is undesirable. Methodsto confirm physical location in such situations include but are notlimited to:

-   Short Range Wireless Connectivity with Shopper's Smart Phone:    Typically using Near Field Communication (NFC) or Bluetooth, both of    which have limited range but NFC being the most suitable;-   Location Based Services Detecting Shopper's Smart Phone: WiFi    services providing “triangulation” methods;-   Dynamic QR Codes: While a shopper's phone could scan a QR Code label    affixed at the fixture location, a photo of that QR Code could be    used at any time and any place to inappropriately trigger an unlock    command. To avoid this, Dynamic QR Codes displayed by the invention,    or a nearby discrete device, change periodically or even with every    transaction.-   Two step authentication: Entering a cell phone number into the    on-board touchscreen display and subsequently receiving a text    message and entering the code contained in the text message into the    display.

Merchandise Protection and Suspicious Behavior Notification Devices

The invention is typically used with one or more devices providing ameans of securing and/or limiting access to merchandise. A requirementof these devices is a means by which control signals from the inventionmay allow or deny complete and/or limited access to the protectedmerchandise. The possible types of devices that could meet thisrequirement are virtually unlimited; some examples:

-   Locked Cabinets/Doors: Typically, an electronically activated    locking device grants or denies access to the protected merchandise    behind the door. These range from fully enclosed cabinets to flip    doors in front of merchandise shelves to refrigeration doors opened    to access beer or other high-theft merchandise;-   Dispensing Display Fixtures: A wide variety of devices fit this    category which includes: peg hooks with a knobbed spiral coil that    must be turned to permit removal of one item at a time; push button    devices that dispense one item when pressed (much like a vending    machine); merchandise “pushers” that keep a facing of merchandise    pressed tightly against the front of a shelf; and specialized    fixtures (such as for canned baby formula) that rely on a specific    form factor for limiting the number of units dispensed. Whether the    operating mechanism is largely mechanical or electronic, all    compatible devices can be controlled by the invention to permit (or    not) dispensing of one or more of the protected products or, in the    case of pushers, to disable the pushing function to limit access to    merchandise.-   Movable Fence: Any kind of sliding or pivoting fence that can be    moved to gain access to the product.

Fixture Status Sensors

All of the fixtures the invention is compatible with would have sensoron the door/fence/dispensing mechanism which can detect the status ofthe fixture, namely, is the fixture “open” in the sense that merchandisecan be accessed, or is it “closed” in the sense that access to themerchandise is restricted or is inaccessible in the closed state.

Real Time Deterrents

Anti-theft deterrent devices can be controlled by the inventionincluding various communication, notification, and alarms devices. Usingproduct removal information from internal sensors such as themerchandise movement sensors, fixture status sensor, camera tamperingsensor etc., to detect suspicious events the invention can trigger localdeterrents such as notifying store personnel and/or activating localdeterrence devices which may be local alarms, local voice announcements,flashing lights, audio such as PA announcements, turn on cameras, or anyother traditional ant-theft deterrent device which would deter theoffender from proceeding with the theft.

In one possible configuration, merchandise may not be physicallyprotected from access but rather the invention notifies store personneland/or activates local deterrence devices mentioned above when an“untrusted” person is detected interacting with or removing merchandise.

Customer Behavior Sensors, Merchandise Interaction Sensors

It is desirable, though not always required, that sensors inform theinvention of the characteristics of the customer's set of behaviorsincluding merchandise interaction by the identified individual accessingthe merchandise. This may include the following detections (and possibleinvention characterizations):

-   No merchandise removed (typically considered a non-event);-   One item removed, possibly including identification of the specific    merchandise item (a normal shopper purchase);-   Multiple items removed within normal shopper patterns (likely not    considered a suspicious event);-   Rapid or other abnormal removal of multiple items (a suspicious    event).-   Multiple items removed of the same product beyond normal shopper    patterns (likely a suspicious event)-   Replacement of product, as in a merchandise replenishment or    stocking action by a store associate or simply a customer changing    their mind about a purchase.-   Door open duration: how long the door is open after an individual is    granted access.-   Frequency of visits to any locked case in the system. It is also    considered suspicious of an individual access cases in the system    too frequently even if each individual transaction is normal    behavior.-   Concealment of merchandise once removed from the invention.-   Removal of a large number of items with one action (taking three or    more items in your hand at one time and removing them from the    invention)-   Purposeful tampering of the sensors or camera of the invention.-   Multiple failed attempts to access the invention.-   Using fraudulent credential to access the invention.

The invention is not dependent on any specific method of detecting theseinteractions or behaviors and it is to be understood that not allacceptable methods of detection are capable of providing all of theinteraction characterizations listed above. The type of merchandiseinteraction sensor is typically determined and/or limited by themerchandise protection method used (e.g., locking case, peg hook, etc.).Generally, any sensor capable of providing at least some insight intothe nature of merchandise interaction can be used by the invention.These sensors have the common capability of measuring productinteraction and some have the additional capability of measuringinventory and specific product SKU level information. These sensingtechnologies include, but are not limited to, the following:

-   Cameras (including 3D cameras) with integral or post-processing    artificial intelligence capabilities able to detect merchandise    interactions which may include detection of a hand. penetrations    into an open fixture, and quantity of items held in a hand during    removal; these cameras can also count the number of units before and    after a transaction, thereby “netting” the number of items removed    less the number replaced. These cameras could also be equipped with    Artificial Intelligence capable of detecting the type of merchandise    contained in the fixture down to the SKU level. This SKU data is a    useful input to both the TSS algorithm, for stocking and    replenishment purposes, and also for correlating items removed from    the fixture with items subsequently purchased at the checkouts.-   Vibration sensors able to detect the movement of merchandise on/off    shelves, peg hooks, and other displays;-   Switches (including magnetic switches and similar) detecting    merchandise removal on dispensing display fixtures commonly known as    pushers or smart peg hooks.-   Weight measuring pads that can determine the number of items on a    shelf.-   Light detecting devices which can determine the location and number    of items on a shelf.-   RFID tags which can be detected by a receiver and count units being    removed from a fixture or being replaced. This technology can also    uniquely identify the product down to the SKU level. This SKU data    is a useful input to both the TSS algorithm and for stocking and    replenishment purposes.-   Smart Fixtures: any fixture with sensing technology that can    determine units being removed from a fixture and also the inventory    position of each product contained in the fixture. This inventory    data is a useful input for stocking and replenishment purposes.-   Sound detection: fixtures which detect an audible sound related to    product removal-   Door open sensors which can identify when and for how long the door    to the invention are open.-   As individuals attempt to access the invention, their behavior    during the authentication process is also monitored and stored in    the database. These behaviors include entering fraudulent    information, multiple failed attempts at gaining access, and    defeating the cameras while attempting to gain access.-   Tamper detection: all of the above sensors can be configured to    sense when an individual is attempting to tamper with the sensor,    notifying the invention of any abnormal situation indicative of a    tampering situation.

As noted previously, not all of these methods can reliably provide allpossible merchandise interaction characteristics. However, the inventioncan be configured to optimize for best use of those characterizationsthat can be provided.

The Trusted Shopper Algorithm and Development of the “Trusted ShopperScore”

An individual's privileged access to secured merchandise is determinedby an algorithm which takes as its primary input this individual'sbehavior during each fixture access event. Based on the individualidentification methodology utilized by the invention, the algorithm mayhave access to databases containing multiple additional attributes (,e.metadata) related to this individual which enable to the algorithm toconsider these additional attributes to make more informed merchandiseaccess decisions. These additional individual attributes are summarizedin the section below entitled Shopper Metadata. This Metadata is used toplace individuals into a “classification”.

Past shopping behaviors, combined with these Metadata attributesresulting in an individual's classification are inputs to the algorithmand are used to develop a Trusted Shopper Score or TSS. This TSS is anumerical score which can be compared to a programmable Trusted ShopperScore threshold set by the retailer as the basis for ongoing access tolocked merchandise. In fact, as different merchandise carries differentrisks of theft, the retailer could program each individual lockedfixture with its own unique TSS threshold based on the merchandisecontained in that fixture.

Past Shopping Behavior and Trusted Shopper Score

Each time the individual demonstrates trustworthy behavior during afixture access event, the algorithm increases that person's TSS.Likewise, detected undesirable behavior (such as abnormal merchandiseinteraction activity and permitting “tailgating” or allowing othershoppers access to an open fixture) results in the reduction of thatindividual's Trusted Shopper Score. Once established, the TrustedShopper Score is compared to a TSS threshold established by the retailerand as long as the individual remains above the threshold, future accessprivileges are maintained. If an individual's TSS drops below thethreshold, the system will deny unsupervised access to the merchandiseand will summon a store associate. For example, an aggressive TSSthreshold might deny unsupervised access based on one suspiciousmerchandise interaction. In this aggressive example, a single incidenceof unacceptable behavior effectively revokes that shopper's privilegedaccess rights.

There are many reasons a retailer may not elect such an aggressivethreshold. After all, retailers do not want to alienate loyal shoppersand often are more concerned about sales losses than theft losses. Sinceit is possible that acceptable behavior may occasionally be incorrectlyperceived as unacceptable, a more lenient threshold could be warrantedsuch that a complete loss of unsupervised access occurs only when a veryserious and definitive breach of behavior is detected and/or whenmultiple suspicious events are detected or a pattern of unacceptablebehavior has occurred.

Another input to the algorithm is simply the passage of time. Forexample, when a shopper removes a large number of units from a fixture,this behavior is generally viewed as suspicious and would negativelyaffect their TSS. This could result in denied unsupervised access.However, this behavior may have been instigated by an in-store sale ormay simply be forward buying behavior based solely on a discounted priceor promotion. If a shopper forward buys several packs of razor bladesfor example, the algorithm may drop their TSS sufficiently to berestricted from accessing any locked merchandise. After the passage of aspecified period of time, the algorithm would increase their TTS to anacceptable level to allow self-service access again. The algorithm mayalso allow the same individual to be granted access to other merchandisewhile being restricted from accessing razor blades for a specifiedperiod of time.

Accordingly, the set of shopping behavior factors that may be consideredby the algorithm include, but are not limited to:

-   Immediate past behavior event-   Multiple past behavior events-   Patterns of behavior (such as attempts to “game the system” like    alternating acceptable behavior and theft behavior to gain tokens)-   Accuracy of sensing technology: The ability to detect suspicious    behaviors is based on the type of behavior detection sensors; for    example, dispensing devices typically have a very high accuracy on    the quantity and specific merchandise removed while vibration    detection devices are less accurate; video sensing accuracy is often    dependent on camera placement and merchandise type.-   Value of merchandise subjected to unacceptable removal.-   Specific SKUs removed.-   Time between past and current attempts to access the merchandise.-   Shopper history; purchasing history; registered membership in store    programs; store App utilization; and/or long and frequent loyalty    would be considered more trusted;

The inclusion and/or weighting of the above factors are used eitheralone, or in combination with Shopper Metadata, and the individual'sclassification by the algorithm and result in a “Trusted Shopper Score”for that individual. The retailer then sets a TSS threshold which isused by the invention in evaluating merchandise access requests tolocked fixtures. This same TSS may be used by other store systems forgranting levels of shopper permissions, such as unsupervisedself-checkout, use of store portable scanning devices, and otherprivileged services, or virtually any service which otherwise wouldrequire supervision by store personnel.

Penalty for Crossing the Trusted Shopper Score Threshold

When a shopper crosses the trusted shopper score threshold, they will bedenied self-service access to the fixture. This denial-of-service periodcan be for a specified period of time depending on the level of the TSS.For example, if the TSS falls slightly below the threshold, a one-weekdenial of service could be invoked. If the TSS drops significantly belowthe threshold, the individual may be denied self-service access for amonth or more. If the individual is detected concealing merchandise orremoving a substantial amount of merchandise, that individual may bedenied self service access for a year or perhaps permanently.

Anti-Fraud Applications for First Locked Fixture Interactions

The configuration variables of the invention enable the retailer todetermine how to initiate new shoppers into the system. For example, thealgorithm could be configured such that all first-time users (exceptthose in the pre-existing “Known Offender” database, described later)are considered trusted and provided privileged access. So long asacceptable behavior is observed on the initial and subsequentinteractions, access privilege is granted.

An alternative implementation might require shoppers to register or“opt-in” to the system (e.g., via a loyal shopper program or otheridentification means described above) as a prerequisite to being grantedprivileged access. By opting into the system, the shopper would then begranted greater shopping convenience. In this case, identification ofthe individual could link to a known “by name” loyal shopper database.

To prevent a would-be thief from committing a theft the first time theyuse the system, a time delay may be introduced to prevent the first-timeuser from self-service access for a programmable period of time. 48hours for example. By inserting this access delay, this would frustratethe thief and cause them to abandon the theft. It would also act as anadditional deterrent, providing the thief with the impression that hiscredentials are being “investigated and authenticated”. Utilizing theCell Phone/Text method this prevents thieves from using so called burnerphones to gain initial access.

In another embodiment, other types of delays may be introduced. Forexample, when using the loyalty card method of access, the user may berequired to complete one or several transactions linked to their loyaltycard prior to gaining self-service privileges. In another example, whenusing the retailer's App or Loyalty card information, the user may berequired to have purchased a certain dollar amount of merchandise, orcomplete a certain number of legitimate transactions prior to gainingself-service privileges.

In all of the above examples, the goal is to stop a would-be thief fromfraudulently signing up for a loyalty card, or logging into a retailer'sApp, using a fraudulent cell phone number. simply to gain access to thelocked case for theft purposes.

Self-Calibration of Suspicious Event Thresholds

As previously noted, if the quantity of items removed from a monitoredfixture exceeds the suspicious event threshold, that transaction isdeemed a “Suspicious Event” and the shopper associated with the actionwill be placed in a time out condition and have their TSS negativelyimpacted (depending on the incident and other factors comprising theirTrusted Shopper Score). The removal of an extreme quantity ofmerchandise in a single transaction, however, would exceed an evenhigher suspicious event threshold defining a “Sweep Event”. Even anindividual with a high Trusted Shopper Score would likely be severelypenalized if associated with a Sweep Event.

An acceptable number of product removals will vary based the type ofmerchandise contained in the locked fixture. As the number of lockedfixtures utilizing the invention grows, a single retailer may havethousands of cases utilizing this self-service invention. Manuallydetermining, configuring, and maintaining appropriate event thresholds,especially the Suspicious Event threshold across thousands of lockedfixtures across hundreds of stores, can become very time consuming andperhaps impractical to manage. The fine line between a reasonably normalshopping quantity and a somewhat excessive quantity can vary bymerchandise assortment, store location, and even season of the year. Theinvention's threshold self-calibration function automates this task byperiodically adjusting the Suspicious Event threshold based on astatistical analysis of customer behaviors over time.

Other behaviors which the invention measures which would also be subjectto the auto-calibration algorithm to statistically analyze and establishsuspicious event thresholds includes but are not limited to thefollowing:

-   1) Net units removed from the fixture in a single transaction. This    is the net of units removed and units replaced in the same    transaction.-   2) The net units removed from the fixture which represent an    “excessive” number of units removed (such as a sweep event).-   3) The duration the movable door is in an open state.-   4) The number of times a unique user accesses the same fixture in a    defined unit of time (for example: 24 hours, 48 hours, 72 hours, one    week etc.).-   5) The number of times a unique user accesses any fixture in the    system of fixtures in a defined unit of time (for example: 24 hours,    48 hours, 72 hours, one week etc.).

Self-calibration requires the retailer to establish an initialSuspicious Event Rate by estimating the percentage of transactionsrepresenting Suspicious Events. For example, the retailer may estimate(as is generally the case) that 98 of its shoppers are trusted andlegitimate, and therefore 2% of its shoppers are potential offenders.This estimate represents the percent of fixture opening events thatwould likely be related to theft events. This percentage establishes theSuspicious Event Rate. After an initial statistically relevant number offixture opening events, the system would then automatically adjust theSuspicious Events Threshold (defined as the number of unit removalsdetermined to be suspicious) based on actual measured product removalbehavior observed by previous shoppers according to the percentthreshold set by the retailer. The invention's self-calibrationalgorithm retains product removal data from each opening event and usesthat data to calculate a suspicious event threshold based on thesuspicious event rate indicated by the retailer. In this example, thenumber of units removed by the top 2 percent of shoppers would be deemedSuspicious Events. The invention then periodically adjusts the thresholdon a rolling basis to take into account possible merchandise changes,sale events, and other external factors that would affect the number ofproduct removals from the locked fixture.

This self-calibration algorithm uses statistical methods to eliminate“outliers” representing non-standard behaviors which would otherwiseskew the Suspicious Event Threshold or other system data in general. Forexample, if the top 2% of shopper merchandise interactions containnon-standard behaviors, the self-calibrating algorithm would determineif these interactions are non-standard outliers, and remove theseoutliers from the calculation of the suspicious event threshold. Toillustrate this scenario, if one or more of the 2% of shoppers used toestablish the suspicious event threshold were to take 500% more than theremainder of the top 2% of shoppers, this could skew the average forthis group and could impact one of the methods for calculating thesuspicious event threshold. Removing these outliers will create a moreaccurate suspicious event threshold based on more standard behaviors.

These statistical methods also provide a means of conditioning the datato remove outlier events which are non-standard events which could skewthe data. Normal statistical methods and norms are utilized by theinvention to condition the data and remove these outliers prior toapplying the statistical analysis and establishing the suspicious eventthresholds.

The invention requires initial suspicious event thresholds to beestablished such that the system can operate prior to sufficient datacollection is completed and the auto-calibration to take effect andadjust the suspicious event thresholds. These “default” thresholds areutilized by the invention until the auto-calibration adjusts accordingto historical user behaviors.

The invention also provides the ability for system operators to overridethe auto-calibration features and to manually enter suspicious eventthresholds which would be fixed in nature and not automatically adjust.This override functionality can be applied to any of the measuredbehaviors individually.

This self-calibrating algorithm may accept external metadata andindividual classification as inputs to more specifically calibrate eachindividual fixture and dynamically change the suspicious event thresholdaccording to changes in merchandise, pricing, or other external factorsthat may affect product removal behaviors. This meta data may includebut is not limited to the following; SKU level information about whatmerchandise is contained in the locked case (no matter how this data iscollected), RFID information, planogram information, pricing data, aswell as promotional information, weather events, any natural disasterevents, civil unrest, or any other metadata which is likely to affectproduct removal behaviors.

It is advantageous to eliminate known merchandise stocking data from theself-calibration algorithm. In the event the system has access tometadata and is aware of individual classifications such as storeassociates, vendors or other non-customers accessing the locked fixtureand the associated re-stocking events, the self-calibrating algorithmwould ignore product interaction data associated withnon-customer-initiated re-stocking events (or customer assistancerequests for denied or opt-out customers). In this way, the algorithmmay more accurately determine normal product removal thresholds withoutthe additional outliers created by stocking events or other non-customergenerated product removal events.

The Role of Metadata Databases and Integration With Other Store Systems

The invention's benefits can be enhanced through access to variousMetadata (other data from independent databases which can be correlatedto an individual attempting to access the case). The following Metadatacould be used to enhance an individual's classifications, their trustedshopper score, and other purposes:

-   Registered Loyal Shoppers Database—as noted previously, customer    loyalty card information can be useful as a means of rewarding loyal    customers by initiating privileged access. The shopper's purchase    history, total spend, unique shopping habits, duration in the    membership program, and overall loyalty may be considered by the    Trusted Shopper algorithm in deeming certain actions acceptable.-   Financial Information: A shopper who uses a debit card or a credit    card to access the case could provide information about their    financial condition. These factors such as credit score, bank    balances, credit limits etc. can provide an enhanced risk profile    for individuals attempting to access the case.-   Purchase history of a shopper—by accessing a shopper's personal    shopping history, the TSS algorithm may provide for a more lenient    treatment of suspicious events committed by shoppers who spend over    a threshold with a retailer. This allows for the avoidance of    denying self-service access by a retailer's highest spending    customers.-   Known Offender Database—includes known perpetrators such as    convicted shoplifters, suspected booster gang members, and other    individuals banned from privileged access. This database can be an    integration of data provided by local law enforcement, through the    retailer's own case management system, or other known offender    databases. Known offenders are denied self-service access but may    still access the merchandise by the system notifying a store    associate to unlock the fixture. The system can notify the store    associate and communicate that a known offender is requesting access    to the locked merchandise, allowing the associate to follow    alternate product protection protocols such as bringing the    merchandise to the cashier rather than handing it to the offender.    Further, in the case of unsecured but monitored merchandise,    merchandise interaction by those shoppers identified as known    offenders will result in immediate store associate notification    actions as well as deployment of local deterrents, as described    earlier. It is especially noteworthy that the known offender    Database is not exclusive to a specific store location but is a    composite from across multiple stores in that retailer's chain and    perhaps even shared information from other retailers.-   Store Associates Database—includes the identity of all store    employees and is used to provide ready access to secured merchandise    to the associate in the course of assisting shoppers not granted    self-service privileged access; further, since the act of    re-stocking merchandise can be interpreted by some sensors as a    theft occurrence, an authorized store associate would avoid this    determination (for this reason, the system may also refer to the    time clock system database to verify the store associate is on duty    as a condition to ignoring what would otherwise be deemed a    suspicious event). This database can be coupled to the retailers    HRIS system which can automatically enroll and remove store    associates as they are hired and terminated from the company.    Additionally, this data would be used by the self-calibrating    algorithm to ensure only customer product removal data is used in    determining the suspicious event thresholds.-   Vendor Employee Database—in some cases, retailers ask merchandise    vendors to re-stock shelves with their products. In these cases,    non-retailer employees may be granted access to the locked cases the    same way store associates are granted access. Much like the Store    Associates Database, this provides identity and authorization    information (e.g., which merchandise locations) regarding vendors    who may re-stock certain merchandise.-   Video Management Systems: If video is used as a sensing technology    or if the merchandise is monitored by in-store video surveillance,    this video stream can be “bookmarked” by the system to enable    auditing of system performance as well as the identification and    possible apprehension of offenders who exhibit suspicious behaviors.-   Self-Checkout Auditing: Increasingly retailers are employing    self-checkouts. These self-checkouts have auditing procedures which    can identify individuals who fail to scan all items or otherwise    cheat the system. If individuals are uniquely identified using this    process, this database can be integrated into the TSS algorithm to    make better access decisions. Alternatively, once a shopper exhibits    suspicious behavior at the locked case, if that customer is also    identified at the self-checkout, the attendant may be notified to    assist that shopper and ensure the items removed were properly    checked out.-   SKU Level Product Data: Awareness of the products contained in the    case is useful to the TSS algorithm to more precisely set suspicious    event thresholds. It is also useful for stocking and replenishment    purposes, as well as compliance with retailer policies for which    products should be placed in the fixture.-   Gender, Age, and Mood Data: When using biometric or other personal    identification methodologies, these systems are capable of    determining age, gender and even mood. These inputs are useful to    the system in identifying customers who may need assistance. This    information is also useful to the retailer for marketing and    merchandising by identifying the demographics of the customers who    are accessing certain SKUs. This information can be used to display    more targeted advertisements on the display of the invention or    other specific local advertising vehicles.

When Merchandise Access is Denied or Delayed

In the event a shopper's Trusted Shopper Score is below the TSSthreshold and requested access is denied, the invention summonsassistance to meet the customer's needs; methods include:

-   Customer Assistance Request: An audio or text message is sent via    communication devices carried by store associates or even over the    PA system. The reason for the denial (for example, an unknown    shopper vs. a known offender) can result in different messaging and    resulting actions. In this example, and depending on store policy,    associates may simply unlock the fixture and hand the desired    merchandise to the unknown shopper while the associate may be    required to accompany a known offender to checkout or leave the    merchandise at checkout for the known offender to purchase on the    way out;-   Video Streaming: Making use of the invention's optional camera,    video display, microphone, and speaker, an automatic live-streamed    connection may be established between the shopper at the fixture and    a store associate (who may or may not actually be in the store);    depending on the situation, the associate may remotely command the    fixture to unlock or may elect to physically go to the fixture or    direct another associate to do so to assist the customer.

In some situations, there may be a delay before merchandise access isgranted. For example, a retailer may elect to deter losses byconfiguring the system to include a hold-off time for unlocking afixture between requests from the same shopper or possibly evendifferent shoppers; invoking a hold-off and its duration may beinfluenced by the recent pattern of openings as well as the requestor'sTrusted Shopper Score. In such a situation, the display provides acountdown or other indication of the holdoff to encourage the shopper towait.

Applying Trusted Shopper Score to Self-Checkout and Exit Audits

Retailers are increasingly installing self-checkout stations in theirstores at which shoppers scan and pay for their own purchases. Notsurprisingly, this process is vulnerable to theft (such as not scanningall items taken by the shopper). Another method of self-checkout enablesshoppers to use mobile scanning devices provided by the store or eventheir own smartphone loaded with a store app to perform checkout asitems are selected on the sales floor and placed directly into bags orin a shopping cart. This is even more vulnerable to theft as individualscan easily drop some items into the bags without scanning or even exitthe store without scanning any items at all.

The invention can help reduce this theft activity in three ways:

-   Self-Checkout Behavior as in Input to the TSS Score: Most    self-checkout systems incorporate various devices, such as    analytical video monitoring or product weight measuring devices to    detect possible theft activity. Such detections can serve as an    input to the trusted shopper score algorithm and could result in    triggering a mandatory exit audit of a shopper's receipt against    items in their cart, require a “supervised checkout” by a store    associate on future visits, or a complete suspension of    self-checkout privileges should a pattern emerge.-   Protected Merchandise not Scanned: As previously described, the    invention uses various sensors to detect removal of high-value    merchandise from secured and, in some cases, unsecured locations.    This merchandise removal may be associated with a specific    individual. If the removed merchandise is subsequently not scanned    by the same individual through a checkout process, the algorithm may    characterize that action as an unacceptable behavior that may    trigger a receipt audit or lead to revocation of merchandise access    and/or self-checkout privileges.-   Selective Exit Auditing: As a further action related to either    self-checkout method, detection of removed merchandise not being    scanned could result in the trust algorithm triggering a    notification or other signaling method such that as the individual    approaches a store exit, their purchases may be subjected to an exit    audit to verify scanning accuracy.

Advertising, Marketing and Couponing Functions of the Invention

The invention by its very nature has a “captive audience” in terms of ashopper standing in front of a fixture containing specific merchandise.In addition, leveraging metadata and an individual's classificationdata, advertising can be customized. This is an ideal environment fortargeted advertising to this individual in an attempt to influence theirpurchase behavior. This advertising capability is integral to theinvention and represents “high value real estate” to any potentialadvertiser.

The means of advertising is common and not important to the invention.It can be either audio or audio/visual. This can be delivered throughthe invention's built in audio capability, an external speaker, theinvention's built-in display, an auxiliary display located either on thefixture of adjacent to the fixture. Virtually any means of providingpromotional messaging can be utilized.

Selecting the right type of advertisement is core to the invention. Thetype of advertisement can be selected based on a range of inputs. Fromvery simple, such as what merchandise is contained in the case, tocomplex, utilizing personal information, metadata and an individual'sclassification related to the individual requesting access to the lockedmerchandise. Utilizing this information, the system can deliversignificantly more targeted, and therefor more effective advertisements.These advertisements can be brand advertisements, promotions such asadvertising a sale or special promotion. They can also be general storeads such as credit card promotions or loyalty membership benefits.

The following represent certain use cases for the advertising andmarketing functions of the invention.

Merchandise Contained in the Case: In the case where the system is awareof the merchandise contained in the case, either manually entered by theretailer or detected by the merchandise movement sensor, the system canprovide intelligent advertising related to and specific to themerchandise contained in the case. This can be product categoryadvertisements or it can be brand specific ads. If the system can detectwhen a certain SKU is sold out, a similar product can be suggested.

Personally-Identified Shoppers: In some configurations of the invention,the system knows the shopper “by name”. This is the case when theidentification methodology is a shopper's loyalty card number, or aretailer's App for example. Once shoppers trade personal identifyinginformation for the convenience of self-service access, the system knowswho is accessing the merchandise. This information can be used by thesystem to provide more targeted advertisements, especially when ashopper's metadata is leveraged. For example, VIP customers can beidentified and provided a “thank you” messaging to promote brandloyalty.

Anonymously-Identified Shoppers: In some configurations, the shopper isidentified uniquely but given an anonymous User ID. In this case, thesystem can keep track of the shopper over time but does not know theshopper's identity. In this case, the system is aware of the productslocated inside multiple fixture and, based on accumulated shopperpurchase behavior identified by which locked cases they have accessed,the system can play targeted advertisements when this shopper isdetected dwelling in front of the fixture, or when this shopper isaccessing the merchandise.

Age, Gender, and Mood Identified Shoppers: In some configurations, age,gender and mood data is added to the shopper identification. Thisinformation can be used as an input to select appropriate advertisingmessaging.

Shopper Dwell: The system is capable of detecting shopper dwell inproximity to the fixture using integrated dwell sensors. In some cases,this sensor cannot uniquely identify the shopper, in other cases, suchas with beacons or geofencing via the retailer's app, the system canpersonally identify the shopper. In this scenario, advertisements can beplayed enticing shoppers in proximity to the fixture to purchasemerchandise contained in the fixture.

Couponing: As part of the invention's marketing functions, it has theability to dispense coupons either generally to all individuals, orselectively based on the customer data is has available. Armed withcustomer data, the system can choose when to dispense a coupon. VIPcustomers or the Retailer's Loyalty Members may be given a coupon, whilenon-VIP or non-loyalty customers do not.

Dynamic Couponing: If the system has the capability to detect whichproducts are chosen from the fixture, a real-time coupon could bepresented to the shopper in an attempt to influence their productselection. In a competitive situation, coupons can be dynamicallydispensed based on the initial brand selection in the case. For example,if product from Brand A is selected, a coupon for Brand B can bepresented. If the shopper initially selects Brand B, no coupon isprovided.

In general, the system can accept inputs from any and all customerspecific information, metadata sources, and its own sensor data to makeintelligent decisions about advertising and couponing.

Non-Biometric Face Detection

Due to privacy concerns related to facial recognition and other forms ofbiometric data collection, some retailers may balk at adopting certainembodiments of the system described above. The alternative methoddescribed below avoids these concerns while still delivering many of thesystem's benefits.

It is noteworthy that one of the few theft prevention technologiesretailers report as effective, even when used over an extended time, isthe Public View Monitor (PVM). This ubiquitous device, seeminglyinstalled in every retail store, is simply a video display with anembedded camera such that the viewer sees him or herself in the display.These are generally located at store entrances or at certain high riskmerchandise. Some models provide a visual and/or audio indication whenmotion is detected to promote the inference of active detection. Theimplication is the video stream is being monitored and/or recorded.However, most PVM's are not even connected externally, much lessmonitored or recorded. Still, perpetrators are left to contemplate . . .are they watching? Often, the choice is to not take the chance,resulting in theft deterrence.

The alternative embodiment described here combines the uncertaintyinstilled by PVM's and with the deterrence of locked merchandise. Muchlike the invention described earlier using biometric means of uniquelyidentifying shoppers, shoppers desiring to purchase protectedmerchandise may do so by simply providing an acceptable image of theirface (or other biometric information). This means of accessing lockedmerchandise is significantly more convenient than calling a storeassociate. In addition to deterring theft, this approach also avertssales loses typical of secured merchandise and boosts productivity sincestore staff need not repeatedly go to the merchandise to assist theshopper.

Detailed Description of the Non-Biometric Method

The following elements typically comprise implementation of this method:

-   Video Module: Includes a video display, an audio speaker, at least    one (hard or soft) button, and optionally, a wired/wireless external    connectivity provisions. Connectivity enables the Video Module to    accept information from local sensors, if used, and to communicate    with other devices and systems on the store's network, to include    communication devices, monitoring stations, and servers. The Video    Module is physically small enough to minimize merchandise    obstruction and is adjustable to permit aiming the camera to capture    the face of users of varying heights, including those in    wheelchairs.-   Electronically Controlled Lock: As variety of theft mitigation    merchandise fixtures can be outfitted with the invention, the actual    locking mechanism will vary. The primary embodiment employs a    solenoid or magnetic locking control. Depending on the    configuration, a switch or other sensor (which may be a separate    device or integral to the locking mechanism) may monitor the fixture    to confirm return to its secure state (such as a door in the closed    position). Note that some configurations may not use a lock, as    described later.

While reasonable variations of the operating sequence may beimplemented, the following is typical.

First, a person desiring access to the locked merchandise so indicatesby pressing a hard or soft button on the touch screen display

A visual and/or audible message then instructs the user to look directlyat the camera typically located above the display. The display presentsthe customer with an image of the shopper from the embedded camera. Thecustomer aligns their face with a box on the screen, thus providing aperfect “mug shot” of the individual Upon detection of a face, atracking box optionally appears around the face and/or a captured imageof the face is displayed. No facial recognition occurs; merely detectionthat someone's human face has been presented to the camera.

After presence of the face has been detected, a short delay (typically,3 seconds) occurs to infer processing of the image. Some may assumefacial recognition and even identity database lookup is occurring duringthis time, though that is not the case. Various visual and/or audio cuesmay be presented during this time. For example, a yellow frame mayappear on the perimeter of the display and the words “Processing”displayed and possibly spoken.

At the end of the delay, the lock is released, allowing the shopper toselect the desired merchandise therein.

During the time merchandise is made available, merchandise removaldetection sensors as described above (such as fixture vibrationmonitoring devices, video, pressure mats, peg hook and pusher dispensecounters, and other technologies) detect the quantity of items beingremoved. If that quantity exceeds the suspicious event threshold alsodescribed above, the event is deemed “suspicious” and, depending onsystem configuration, the system may deploy a local deterrent such as anotification over the system's display, an audible alarm, flashinglights or turn on an external anti-theft deterrent and/or immediatelycreate an alert notification to store staff, local loss preventionpersonnel, or a remote monitoring station. Such notification istypically accompanied by the image or video captured when merchandiseaccess was granted.

The image of the person granted access remains on the screen until thetransaction terminates, the determination of which depends on fixturetype and system configuration. Three methods define termination:

-   Return to Secure State (Door)—This is typically detecting the return    of a door on a locked cabinet or a flip door on a merchandise    gondola to its closed state. It applies to other securement methods    in which releasing the lock permits a person to open a door or other    device then, after obtaining the desired merchandise, the door or    other device is returned to the closed position, which is detected    by the system using a switch or other sensor.-   Controlled Dispense (“Vending” Fixture)—Some secure merchandise    fixtures operate similar to a vending machine in which, once access    is granted, a person takes an action to dispense one (or possibly    more) items. For example, baby formula is a frequently stolen item    so is sometimes displayed in a fixture allowing only one item to be    removed at a time. Another example are the many methods of limiting    access to merchandise typically displayed on peg hooks—from    electronically locking peg hooks to “corkscrew” manual twist devices    that don't prohibit access but slow it down. In these and many    similar applications, an electronic locking mechanism can be    fashioned and controlled by the invention.-   Timed Access (Open Fixture)—In some situations, there may be no    physical barrier to the merchandise. For example, a vast cosmetics    assortment would be difficult or undesirable to obstruct with a    physical barrier. In this situation the Video Monitor can be used in    conjunction with methods to sense people interacting with    merchandise. There exist numerous sensing methods for this including    cameras, vibration sensors, infrared virtual fences, pressure mats,    and more). Once a face has been detected, the Video Monitor permits    access to this merchandise for a defined period of time and/or a    quantity of accesses (penetration of hands into the merchandise    area), then warns that the interval is ending. Accessing merchandise    outside of this time interval can trigger a low level alarm, such as    the Video Monitor providing an audio message that access granting is    required or, if access persists, a higher alarm level such as    notifying loss prevention personnel.

After termination of access (such as the shopper closing the door), noadditional access requests will be processed throughout a configurablehold-off period, such as 30 or 60 seconds. The purpose of this hold-offperiod is to deter a thief from repeatedly accessing the lockedmerchandise and, with each access, removing a quantity of items belowthe suspicious event threshold. The system can be further configured todetect a suspicious pattern of repeated access which, itself, cantrigger a suspicious event and/or result in the system going intolockdown mode, disabling further self-service access for a time and/oruntil reset by local or remote personnel.

Yet another possible system action under such suspicious circumstancesis for the Video Monitor to immediately establish a real time video callwith a store associate's communication device (e.g., a smart phone orsimilar) or to a staffed computer at a remote monitoring station. Shouldthe subsequent conversation warrant, the store associate or monitoringstation personnel can command an unlock through the communication deviceor computer.

Likewise, should a shopper request access during the hold-off period,the system may be configured to immediately notify a store associatethat assistance is needed at that location or, as noted previously, avideo call may immediately be established with appropriate personnel whocan remotely unlock the merchandise, if warranted. Alternatively, ifobstacles to accessing store personnel are anticipated, the videodisplay may provide messaging to encourage a requesting shopper to waituntil the hold-off period expires.

The Video Monitor is capable of providing other benefits when notserving its primary function. For example, promotional information,including videos, regarding the protected merchandise could bedisplayed. Another available function is simply as a camera with aunique view accessible to the store's local or remote video monitoringstation.

We claim:
 1. A system for enabling trusted shoppers to accessself-checkout while restricting non-trusted shoppers in a retailenvironment, comprising: (a) providing a means of uniquely identifyingan individual attempting to access the self-checkout; (b) providing oneor more sensors for identifying self-checkout behaviors; (c) measuring aset of behaviors of the individual during a time when the individual isin proximity of or interacting with the self-checkout; (d) assessingwhether the set of behaviors of the individual are suspicious or notrelative to a set of suspicious event thresholds; (e) storing theindividual and their set of behaviors as accessible records in at leastone database; and (f) providing an algorithm which determines futureaccess privileges of the individual to the self-checkout by analyzingtheir historical behaviors.
 2. The system of claim 1, wherein the set ofbehaviors measured is at least one selected from the group consisting ofitems not passed over the self-checkout price scanner, items not scannedbut passed over the scanner, items scanned but the price and or barcodedoes not match the merchandise scanned, scanning all items but then notpaying, being shown a scanning error and not correcting the error,scanning a low cost item and placing a higher cost item in the baggingarea, the number of total transactions, the number of suspicious events,the number of non-suspicious events, having items in your cart whichwere not scanned via mobile checkout, and any other behavior intended tofraudulently receive merchandise without paying or without paying theactual price of the merchandise.
 3. The system of claim 1, wherein themethod of uniquely identifying a shopper is at least one selected fromthe group consisting of shopper loyalty card information, governmentissued ID, financial institution cards such as debit cards or creditcards, cell phone numbers, cell phones carried by shoppers which mayhave local connectivity as a means of identification, a retailer's Appwhich the shopper is logged into, biometric information such as facialrecognition, palm ID, finger print readers, or other forms of biometricidentifiers, employee ID cards or employee numbers, or any other form ofpersonal identifying information.
 4. The system of claim 2, wherein theset of behaviors from each self-checkout interaction event comprisesshopper behavior data and is stored in the at least one database.
 5. Thesystem of claim 2, wherein statistical models are applied to the shopperbehavior data to calculate the set of suspicious event thresholds thatdelineate normal shopping behaviors from suspicious shopping behaviors.6. The system of claim 5, wherein the set of suspicious event thresholdsare periodically updated by the statistical models as additional shopperbehavior data is collected by the system.
 7. The system of claim 1,wherein at least one sensitivity variable is used to adjust thecalculation of the set of suspicious event thresholds.
 8. The system ofclaim 7, wherein the at least one sensitivity variable corresponds to apercentage of shoppers estimated to be offenders or a database of riskfactors associated with a store.
 9. The system of claim 1, wherein thesystem further comprises a real time notification or alarm feature ifthe set of behaviors of the individual are suspicious relative to theset of suspicious event thresholds.
 10. The system of claim 1, whereinthe system comprises a means of recording a video or storing images ofthe individual accessing the self-checkout, the merchandise scanned andthe area surrounding the self-checkout before, during and after theself-checkout transaction.
 11. The system of claim 9, further comprisinga means of transmitting the video or image to a device viewable byappropriate personnel, including the shopper.
 12. The system of claim 1,wherein statistical models are applied to an individual shopper'sbehavior data to create a trusted shopper score for the individualshopper.
 13. The system of claim 12, wherein historical behavior datafrom the individual shopper's behavior data are used to establish atleast one threshold for the trusted shopper score.
 14. The system ofclaim 13, wherein shoppers whose trusted shopper score crosses the atleast one threshold of the trusted shopper score would affect theiraccess privileges to the self-checkout.
 15. The system of claim 12,wherein other shopper data unrelated to the shopper behavior data can beincluded in the calculation of the trusted shopper score.
 16. The systemof claim 15, wherein the other shopper data unrelated to the shopperbehavior data comprises at least one selected from the group consistingof historical purchase behaviors, return fraud behaviors, prior-theftincidence, police reports, credit scores, case management systems, andother data related to the shopper purchases or theft behaviors.
 17. Thesystem of claim 1, wherein shoppers who have been denied access to theself-checkout due to their trusted shopper score can get reinstated byproviding at least one selected from the group consisting of additionalidentifying information, financial information, a deposit, and otherform of increased security or enhanced financial guarantees for theretailer.
 18. The system of claim 1, wherein the algorithm utilizesartificial intelligence to recognize patterns within an individual'sbehavior that affect their trusted shopper score either positively ornegatively.